大家好!👋
I found this note taking strategy the best:
- I use
vscodewith Markdown*.mdfile format, - with a directory structure grouping notes under
cmds/<os>/,practices/,protocols/, andtools/{apt,github,web}/, - where each line of each file is using a prefix of one of:
#the beginning of a comment line, which contains Markdown format$the beginning of a Linux/MacOS bash prompt commandC:\>the beginning of a Windows cmd.exe prompt command
and a few other specialty shells like:PS>powershellmsf>Metasploitmsfconsole- etc.
This convention makes note-taking very clear and reusable. I frequently utilize the Ctrl-P hotkey to quickly jump to a topic by file, or Ctrl-Shift-F to search for a note by keyword.
Additionally, during a pentesting engagement, I will create a directory structure like net/<IP>.md with one file per host, where I keep additional notes regarding the history of my input/output interactions with each machine on the network.
This repo is mainly for me to refer back to, but I'm sharing publicly just in case anyone else finds these helpful!
P.S. Rather than browsing online in the Github viewer, just clone and open in vscode. Or else toggle the ?plain=1 view always. Otherwise the format will appear difficult to read.
There are many many similar works and each has their own merit. It would be a waste to reproduce them here. Instead, I'll link to my favorites.
- Cybersec professor's links
- Read all of https://book.hacktricks.xyz/
- Cherry pick what you don't know from https://academy.hackthebox.com/modules
- Learn what each SecList is for https://github.com/danielmiessler/SecLists
- InfoSec Prep Discord channel #oscp-pass-fail-exam-experiences
-
Hack-the-Box (HTB) clones https://forum.hackthebox.com/t/oscp-practice/531
-
VulnHub clones https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms
-
Walkthroughs
- 0xdf hacks stuff https://0xdf.gitlab.io/tags.html
-
Buffer Overflow
-
Windows Elevation of Privilege
-
Linux Elevation of Privilege
-
Watch Ippsec's YouTube channel
-
Converting Metasploit .rb exploits to stand-alone https://netsec.ws/?p=262
- This report generator from markdown template
https://github.com/noraj/OSCP-Exam-Report-Template-Markdown - OffensiveNim
- Red-Teaming-Toolkit https://github.com/infosecn1nja/Red-Teaming-Toolkit
- Nishang https://github.com/samratashok/nishang
- Phantom Evasion https://github.com/oddcod3/Phantom-Evasion
- AVIator https://github.com/Ch0pin/AVIator
-
The Ultimate List of SANS Cheat Sheets https://www.sans.org/blog/the-ultimate-list-of-sans-cheat-sheets/
-
PayloadsAllTheThings collection https://github.com/swisskyrepo/PayloadsAllTheThings
-
thehackingnomad collection https://blog.thehackingnomad.com/
-
Liodeus https://liodeus.github.io/2020/09/18/OSCP-personal-cheatsheet.html
-
"Gatekeeper Mentality" by xbufu, Aug 2021 https://web.archive.org/web/20210814192414/https://bufu-sec.com/oscp-review/
-
Steffin Stanly, Jul 2021 https://steffinstanly.github.io/PWK-and-OSCP-Review/
-
JohnJHacking, Feb 2021 https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/